Workshop Program

To access a presentation's content, please click on its title below.

All sessions will be held in Congressional A unless otherwise noted.

The full papers published by USENIX for the workshop are available as a download or individually below to workshop registrants immediately and to everyone beginning August 13, 2013. Everyone can view the abstracts immediately. Copyright to the individual works is retained by the author[s].

Continental Breakfast

Social networking sites, such as Twitter and Facebook, have become an impressive force in the modern world with user bases larger than many individual countries. With such influence, they have become important in the process of worldwide politics. Those seeking to be elected often use social networking accounts to promote their agendas while those opposing them may seek to either counter those views or drown them in a sea of noise. Building on previous work that analyzed a Russian event where Twitter spam was used as a vehicle to suppress political speech, we inspect five political events from 2011 and 2012: two related to China and one each from Syria, Russia, and Mexico. Each of these events revolved around popular Twitter hashtags which were inundated with spam tweets intended to overwhelm the original content.

We find that the nature of spam varies sufficiently across incidents such that generalizations are hard to draw. Also, spammers are evolving to mimic human activity closely. However, a common theme across all incidents was that the accounts used to send spam were registered in blocks and had automatically generated usernames. Our findings can be used to guide defense mechanisms to counter political spam on social networks.

Over the years, the Internet has democratized the flow of information. Unfortunately, in parallel, authoritarian regimes and other entities (such as ISPs) for their vested interests have curtailed this flow by partially or fully censoring the web. The policy, mechanism, and extent of this censorship varies from country to country.

We present the first study of the cause, effect, and mechanism of web censorship in Pakistan. Specifically, we use a publicly available list of blocked websites and check their accessibility from multiple networks within the country. Our results indicate that the censorship mechanism varies across websites: some are blocked at the DNS level while others at the HTTP level. Interestingly, the government shifted to a centralized, Internet exchange level censorship system during the course of our study, enabling our findings to compare two generations of blocking systems. Furthermore, we report the outcome of a controlled survey to ascertain the mechanisms that are being actively employed by people to circumvent censorship. Finally, we discuss some simple but surprisingly unexplored methods of bypassing restrictions.

The Iranian government operates one of the largest and most sophisticated Internet censorship regimes in the world, but the mechanisms it employs have received little research attention, primarily due to lack of access to network connections within the country and personal risks to Iranian citizens who take part. In this paper, we examine the status of Internet censorship in Iran based on network measurements conducted from a major Iranian ISP during the lead up to the June 2013 presidential election. We measure the scope of the censorship by probing Alexa’s top 500 websites in 18 different categories. We investigate the technical mechanisms used for HTTP Host–based blocking, keyword filtering, DNS hijacking, and protocol-based throttling. Finally, we map the network topology of the censorship infrastructure and find evidence that it relies heavily on centralized equipment, a property that might be fruitfully exploited by next generation approaches to censorship circumvention.

Censorship systems that make dynamic blocking decisions must inspect network activity on-the-fly to identify content to filter. By inferring the analysis models of such monitors we can identify their vulnerabilities to different forms of evasions that we can then exploit for circumvention. We leverage the observation that censorship monitors essentially work on the same principles as Network Intrusion Detection Systems (NIDS) and therefore inherit the same evasion vulnerabilities already discussed in the NIDS context for years. Using this past work as a guide, we illustrate the power of illuminating a monitor’s analysis model by conducting extensive probing to test for vulnerabilities in the Great Firewall of China. We find exploitable flaws in its TCB creation and destruction, fragment and segment reassembly, packet validation, (in)completeness of HTTP analysis, and state management.

Analysing censorship incidents targeting popular circumvention tools such as Tor can be a tedious task. Access to censoring networks is typically difficult to obtain and remote analysis is not always possible. Analysis is however feasible if users behind the censoring networks are given the opportunity to help.

In this paper, we propose a lightweight censorship analyser for Tor which is meant to be run by volunteering users. The analyser automatically gathers relevant data and the final report is sent back to the Tor developers. Our design builds on existing software and should be easy to bundle and deploy.

Shaddi Hasan, University of California, Berkeley; Yahel Ben-David, University of California, Berkeley, and De Novo Group; Giulia Fanti, University of California, Berkeley; Eric Brewer, University of California, Berkeley, and Google; Scott Shenker, University of California, Berkeley, and International Computer Science Institute

Large-scale communications blackouts, such as those carried out by Egypt and Libya in 2011 and Syria in 2012 and 2013, have motivated a series of projects that aim to enable citizens to communicate even in the face of such heavy-handed censorship efforts. A common theme across these proposals has been the use of wireless mesh networks. We argue that such networks are poorly equipped to serve as a meaningful countermeasure against large-scale blackouts due to their intrinsically poor scaling properties. We further argue that projects in this space must consider user safety as first design priority and thus far have failed to preserve user anonymity and to rely only on innocuous hardware. From these two insights, we frame a definition of dissent networks to capture the essential requirements for blackout circumvention solutions.

We devise a scalable and provably-secure protocol for fully-anonymous broadcast in large-scale networks. Similar to the dining cryptographers networks (DCNETS), our algorithm uses secure multi-party computation (MPC) to ensure anonymity. However, we address the weaknesses of DC-NETS, which are poor scalability and vulnerability to jamming attacks. When compared to the state-of-the-art, our protocol reduces the total bit complexity from O(n2) to Õ(n) per anonymous message sent in a network of size n; total latency increases from O(1) to polylog(n). We assume up to a one third fraction of the parties is controlled by a static Byzantine adversary. We further assume that this adversary is computationally unbounded, and thus make no cryptographic hardness assumptions.

Charalampos Rotsos, Heidi Howard, and David Sheets, University of Cambridge; Richard Mortier, University of Nottingham; Anil Madhavapeddy, Amir Chaudhry, and Jon Crowcroft, University of Cambridge

The de facto architecture of today’s Internet services all but removes users’ ability to establish inter-device connectivity except through centrally controlled “cloud” services. Whilst undeniably convenient, the centralised data silos of the cloud remain opaque and an attractive target for attackers. A range of mechanisms exist for establishing secure peer-to-peer connections, but are inaccessible to most users due to the intricacy of their network configuration assumptions. Users effectively give up security, privacy and (when peers are both on the same LAN) low-latency simply to get something useable.

We observe that existing Internet technologies suffice to support efficient, secure and decentralized communication between users, even in the face of the extreme diversity of edge connectivity and middlebox intervention. We thus present Signpost, a system that explicitly represents individual users in a network-wide architecture. Signpost DNS servers create a “personal CDN” for individuals, securely orchestrating the many different available techniques for establishing device-to-device connectivity to automatically select the most appropriate. A DNS API gives application compatibility, and DNSSEC and DNSCurve bootstraps secure connectivity

Tor, the popular anonymous relay tool, incurs significant latency costs—partly due to extra network hops, but also due to TCP’s strict in-order delivery. We examine the problem of TCP’s head-of-line blocking in Tor, although this problem affects any application multiplexing streams atop TCP. Using uTCP and uTLS, techniques for enabling unordered delivery in TCP and TLS, respectively, we eliminate head-of-line blocking between Tor circuits sharing a TCP connection, without sacrificing Tor’s security. The small code footprint of uTCP and uTLS, and the minimal changes required to Tor, suggest the feasability of our approach. A micro-benchmark indicates that the integration of uTCP and uTLS can noticeably lower application-perceived latency.